In message <m19sFuU-000AziC@proven.weird.com>, "Greg A. Woods" writes:
>It's not "rubbish" because in fact there's no huge amount of effort
>necessary to make everything work though BSD Auth.  We're really talking
>only about one or a at most a couple of very simple new system calls
>(they must be kept as simple as possible given they are security
>related).

And, perhaps more importantly, we could import the code from OpenBSD
*today* and have it working for every other case.

There is no obvious loss; this is monotonic improvement in the system's
functionality.  It doesn't prevent us from also including PAM later,
if someone wants to do that work.

It really looks as though the interfaces are different enough that we
probably can't easily build a superset of their functionality.  But, we
*can* plug one of them in, today, from working and multiply-audited code.
For easy programs (xdm, etc), a BSD/OS "contrib source" CD should have
all the work done already - and indeed, apparently xdm already has the
ifdefs.

In principle, I like the idea of a best-of-both-worlds implementation, except
that I don't *trust* such things.  Too many attempts to build a "superset"
end up getting bogged down - indeed, given the number of times this debate
has been had, I think it's clear that this attempt *has* bogged down.

BSD Auth is clean, and does *nearly* everything already.  It is not clear
to me what exactly it is that AFS needs to be able to do in the client's
address space that can't be handled by passing data back to the client,
and having the client know how to deal with it.  I will investigate further.

-s